ISC2 •SSCP Systems Security Certified Practitioner
Click the link below to get full version http://www.examcertify.com/SSCP.html
Questions & Answers: 20
Question: 1 DES - Data Encryption standard has a 128 bit key and is very difficult to break. A. True B. False
Answer: B Question: 2 What is the main difference between computer abuse and computer crime? A. Amount of damage B. Intentions of the perpetrator C. Method of compromise D. Abuse = company insider; crime = company outsider
Answer: B Question: 3 A standardized list of the most common security weaknesses and exploits is the __________. A. SANS Top 10 B. CSI/FBI Computer Crime Study C. CVE - Common Vulnerabilities and Exposures D. CERT Top 10
Answer: C Question: 4 A salami attack refers to what type of activity? A. Embedding or hiding data inside of a legitimate communication - a picture, etc. B. Hijacking a session and stealing passwords
http://www.examcertify.com/SSCP.html
Page 2
C. Committing computer crimes in such small doses that they almost go unnoticed D. Setting a program to attack a website at 11:59 am on New Year's Eve
Answer: C Question: 5 Multi-partite viruses perform which functions? A. Infect multiple partitions B. Infect multiple boot sectors C. Infect numerous workstations D. Combine both boot and file virus behavior
Answer: D Question: 6 What security principle is based on the division of job responsibilities - designed to prevent fraud? A. Mandatory Access Control B. Separation of Duties C. Information Systems Auditing D. Concept of Least Privilege
Answer: B Question: 7 ________ is the authoritative entity which lists port assignments A. IANA B. ISSA C. Network Solutions D. Register.com E. InterNIC
http://www.examcertify.com/SSCP.html
Page 3
Answer: A Question: 8 Cable modems are less secure than DSL connections because cable modems are shared with other subscribers? A. True B. False
Answer: B Question: 9 ____________ is a file system that was poorly designed and has numerous security flaws. A. NTS B. RPC C. TCP D. NFS E. None of the above
Answer: D Question: 10 CORRECT TEXT Trend Analysis involves analyzing historical ___________ files in order to look for patterns of abuse or misuse.
Answer: Log files Question: 11 HTTP, FTP, SMTP reside at which layer of the OSI model?
http://www.examcertify.com/SSCP.html
Page 4
A. Layer 1 - Physical B. Layer 3 - Network C. Layer 4 - Transport D. Layer 7 - Application E. Layer 2 - Data Link
Answer: D Question: 12 Layer 4 in the DoD model overlaps with which layer(s) of the OSI model? A. Layer 7 - Application Layer B. Layers 2, 3, & 4 - Data Link, Network, and Transport Layers C. Layer 3 - Network Layer D. Layers 5, 6, & 7 - Session, Presentation, and Application Layers
Answer: D Question: 13 A Security Reference Monitor relates to which DoD security standard? A. LC3 B. C2 C. D1 D. L2TP E. None of the items listed
Answer: B Question: 14 The ability to identify and audit a user and his / her actions is known as ____________. A. Journaling B. Auditing C. Accessibility
http://www.examcertify.com/SSCP.html
Page 5
D. Accountability E. Forensics
Answer: D Question: 15 There are 5 classes of IP addresses available, but only 3 classes are in common use today, identify the three: (Choose three) A. Class A: 1-126 B. Class B: 128-191 C. Class C: 192-223 D. Class D: 224-255 E. Class E: 0.0.0.0 - 127.0.0.1
Answer: A,B,C Question: 16 The ultimate goal of a computer forensics specialist is to ___________________. A. Testify in court as an expert witness B. Preserve electronic evidence and protect it from any alteration C. Protect the company's reputation D. Investigate the computer crime
Answer: B Question: 17 One method that can reduce exposure to malicious code is to run applications as generic accounts with little or no privileges. A. True B. False
http://www.examcertify.com/SSCP.html
Page 6
Answer: A Question: 18 CORRECT TEXT ______________ is a major component of an overall risk management program.
Answer: Risk assessment Question: 19 CORRECT TEXT An attempt to break an encryption algorithm is called _____________.
Answer: Cryptanalysis Question: 20 The act of intercepting the first message in a public key exchange and substituting a bogus key for the original key is an example of which style of attack? A. Spoofing B. Hijacking C. Man In The Middle D. Social Engineering E. Distributed Denial of Service (DDoS)
Answer: C
http://www.examcertify.com/SSCP.html
Page 7
ISC2 •SSCP Systems Security Certified Practitioner
Click the link below to get full version http://www.examcertify.com/SSCP.html
Latest tests
70-331
70-332
LOT-951
70-321
HP2-T25
HP2-T26
70-341
70-342
70-411
70-410
70-336
PEGACLSA_62V2
70-337
C_TADM51702
HP0-J54
00M-662
70-689
000-N37
70-480
HP0-J59
http://www.examcertify.com/SSCP.html
Page 8